Out-Law News 1 min. read

Personal data accessed by hackers of Nokia forum, company says


Hackers may have exposed the personal data of software developers for Nokia mobile phones, the company has said.

A database containing information about members of the Nokia Developer online forum was accessed, the company said. Contributors' email addresses, date of birth and username information for services such as MSN, Skype and Yahoo may have been stolen by the hackers, it said.

"We have discovered that a database table containing developer forum members' email addresses has been accessed, by exploiting a vulnerability in the bulletin board software," the Nokia Developer website team said in a statement.

"Initially we believed that only a small number of these forum member records had been accessed, but further investigation has identified that the number is significantly larger. The database table records includes members’ email addresses and, for fewer than 7% who chose to include them in their public profile, either birth dates, homepage URL or usernames for AIM, ICQ, MSN, Skype or Yahoo," the statement said.

Nokia said that no "sensitive information" like passwords or credit card details were contained in the database and that it did not believe therefore that forum members' accounts security was at risk. It said no other Nokia accounts had been affected.

Nokia apologised for the security breach and said that it was not "aware of any misuse of the accessed data" but that affected forum members could receive "unsolicited email".

The company said that it had "immediately addressed" the "initial vulnerability" but that it had taken the "developer community website offline as a precautionary measure" while "further investigations and security assessments" continue.

Nokia is the latest company to suffer from an apparent hack of personal data it controls. Earlier this year a raft of companies, including Sony and Acer, reported data breaches.

In April Sony admitted that more than 77 million customers registered with the PlayStation Network (PSN) may have had their personal details stolen.

The company turned off its PSN and music streaming service Qriocity on 20 April after discovering a breach of the information stored on its databases. PSN allows PlayStation 3 users to log in online and play games against other users live, as well as download games, films and other media.

Information stolen included users' names, addresses, email addresses, birthdays and their usernames and password logins for the PSN.

In May Sony also admitted that hackers had breached its Sony Online Entertainment (SOE) security systems. The company said the hackers may have stolen the details of 25 million SOE customers.

We are processing your request. \n Thank you for your patience. An error occurred. This could be due to inactivity on the page - please try again.